Date: Sat, 22 Jul 2000 12:01:44 -0700
From: "David Schwartz" <davids@webmaster.com>
To: "Mark Murray" <mark@grondar.za>, "Kris Kennaway" <kris@FreeBSD.org>
Cc: <current@FreeBSD.org>
Subject: RE: randomdev entropy gathering is really weak
Message-ID: <NCBBLIEPOCNJOAEKBEAKOEPGJNAA.davids@webmaster.com>
In-Reply-To: <200007221200.OAA06345@grimreaper.grondar.za>

> From the Yarrow paper:
> ``Yarrow's outputs are cryptographically derived. Systems that use Yarrow's
> outputs are no more secure than the generation mechanism used.''
>
> We currently have Yarrow-256(Blowfish); wanna make it Yarrow-1024? I could
> make it so.
>
> M
> --
> Mark Murray

It doesn't matter if it's Yarrow-256, Yarrow-1024, or Yarrow-1000000000.
/dev/random should block if the system does not contain as much real entropy
as the reader desires. Otherwise, the PRNG implementation will be the weakest
link for people who have deliberately selected higher levels of protection
from cryptographic attack.

DS

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NCBBLIEPOCNJOAEKBEAKOEPGJNAA.davids>
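
Added example, not part of the original message and not FreeBSD's randomdev code: a toy model of the argument in the reply above, showing that a key stretched from a small seed has only the seed's strength however long it is, next to an entropy-accounted reader that stops serving when its credit runs out. The names `expand`, `effective_bits` and `AccountedPool`, the SHA-256 stand-in generator and the 12-bit and 100-bit figures are assumptions made for illustration.

```python
import hashlib
import math

def expand(seed: bytes, nbytes: int) -> bytes:
    """Toy deterministic generator: SHA-256 in counter mode (stand-in, not Yarrow)."""
    blocks = (hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
              for i in range((nbytes + 31) // 32))
    return b"".join(blocks)[:nbytes]

def effective_bits(seed_bits: int, key_bytes: int) -> float:
    """Enumerate every possible seed and count the distinct keys that can come out."""
    keys = {expand(s.to_bytes(4, "big"), key_bytes) for s in range(2 ** seed_bits)}
    return math.log2(len(keys))

class AccountedPool:
    """Hypothetical reader-side accounting: never hand out more bits than credited."""
    STATE_BITS = 256

    def __init__(self) -> None:
        self.state = bytes(32)
        self.credit = 0  # estimated bits of real entropy currently in the pool

    def add(self, sample: bytes, est_bits: int) -> None:
        """Mix a sample into the state and credit its estimated entropy."""
        self.state = hashlib.sha256(self.state + sample).digest()
        self.credit = min(self.STATE_BITS, self.credit + est_bits)

    def read(self, nbytes: int) -> bytes:
        """Short read; an empty result is where a blocking device would sleep."""
        n = min(nbytes, self.credit // 8)
        out = expand(self.state, n)
        self.credit -= 8 * n
        self.state = hashlib.sha256(b"ratchet" + self.state).digest()
        return out

if __name__ == "__main__":
    # Constructed toy sizes: a 12-bit seed stretched into 128-bit and 1024-bit keys.
    for key_bytes in (16, 128):
        print(key_bytes * 8, "bit key ->", effective_bits(12, key_bytes), "bits of strength")
    pool = AccountedPool()
    pool.add(b"constructed sample", 100)
    print(len(pool.read(128)), "bytes served,", len(pool.read(16)), "after credit ran out")
```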